[Date Prev][Date Next]
Re: Client blocking forever in SSL_connect
At 10:43 AM 12/19/2005, Ralf Haferkamp wrote:
>I ran into a problem where an LDAP Client, that uses SSL/TLS (no matter
>whether via ldaps or START_TLS) was indefinitely blocking in the
>SSL_connect() call in libraries/libldap/tls.c.
>As libldap mostly uses blocking IO (as far as I understand), the
>SSL_connect call also uses blocking IO (according to the openssl docs)
>and so it can easily block if the server does not reply.
>I am wondering if it is possible to add functionallty to the API that
>one can use SSL_connect in a non-blocking fashion. For example by
>setting the underlying socket to non-blocking just before the
>SSL_connect call and using select with the LDAP_OPT_NETWORK_TIMEOUT
>timeout value and setting it back to blocking IO after the SSL
>handshake completed. Similar to what is done in ldap_pvt_connect() in
>Comments or other suggestions?
What API would you provide to the program to continue the
communication once blocking condition was removed?